Forum

Welcome to the newly redesigned Science Careers Forum. Please bookmark this site now for future reference. If you've previously posted to the forum, your current username and password will remain the same in the new system. If you've never posted or are new to the forum, you will need to create a new account.

The new forum is designed with some features to improve the user experience. Upgrades include:- easy-to-read, threaded discussions- ability to follow discussions and receive notifications of updates- private messaging to other SC Forum members- fully searchable database of posts- ability to quote in your response- basic HTML formatting available

I don't know if this will trouble anyone here on the forum, but it's quite an issue for me in the business that I am in. There is now a great big increase in the number of fake LinkedIn invitations being sent by people with malicious intent.

I'm actually not quite sure what they would use this information for -- the info that shows up on a "connection" once linked. After all, I don't have my social security number or anything on there. But I do have my personal email address and some other stuff that would be for LI friends only.

There's a sleaze recruiting company (read "Resume Mailer") operation over in NJ that keeps coming up with fake biotech scientist LinkedIn profiles and mailing me connection requests. I have tried a few of these to see if they are listed as employees at the companies shown, and of course they aren't. They are identifiable sometimes by the photo used (looks like they get them out of a HS yearbook) and by the fact that even though it has hundreds of connections, it's got no referrals, no recommendations, and so on.

I have always been quite open about who I connect with -- if it helps both of us, why not connect? But now, after six attempts to get my network like this, I'm being much more careful.

Just an FYI,

Dave Jensen

“There is no such thing as work-life balance. Everything worth fighting for unbalances your life.”- Alain de Botton

I have actually run into something similar, and possibly worse. I am involved in an initiative to improve funding for early-stage companies, and we received a communication from an investment firm in the UK. When I went to check them out, I found that the e-mail address that was given by the contact (apparently high-level within the company) did not conform to the firm's standard pattern. When I looked up the contact on LinkedIn, it gave a physical address in Asia, and while the photo of the contact was the same, there were some cropping errors that convinced me that this had been copied from the real company's web site. In short, it was a stolen identity scam.

It's a shame, but I guess I shouldn't be surprised. A regular, non-paying LinkedIn user can see only those in their network (to a 3rd degree) or in groups they belong to. I guess if a bot connects with enough people, they have the ability to call up everyone's profile page? Is that worth something? It must be, or why would a "hacker" do it?

One nice bit of advice that circulated in my grad school years was to change the default "I'd like to add you to my LinkedIn network" text when linking with others. This will guarantee that you are not a bot, and also get whatever you say directly into the eyes of your interested person. The problem is that LinkedIn will send that canned response if you are not attempting to connect from someone's profile. Something to watch out for.

"The single factor that differentiates Nobel laureates from other scientists is training with another Nobel laureate." -- Sol Snyder

an excerpt, explaining what those fake accounts are used for:"The primary goal of these fake LinkedIn accounts is to map out the networks of business professionals. Using these fake LinkedIn accounts, scammers are able to establish a sense of credibility among professionals in order to initiate further connections.In addition to mapping connections, scammers can also scrape contact information from their connections, including personal and professional email addresses as well as phone numbers. This information could be used to send spear-phishing emails."

Last year I got a linkedIn invitation from a person I didn't know that was from a general non-profit patient organization. I work for a non-profit patient organization so even if I didn't remember that person I accepted. I thought maybe it was from some of the recent conferences I attended in the field. I noticed she had about 50 connections by the time I accepted.

A few days later I got a private message from that person through LinkedIn telling me they had decided to grant an award to the best non profit of the year and they were impressed with our work. It was very obvious the text was general spam-type of text with no specific mention to the person it is addressed to. It prompted me to contact them with our bank account number and details so that they could give us the award.

I felt stupid and went directly to LinkedIn to eliminate that connection. By then she had grown to several hundreds of contacts in just a few days.

So in that case the person was targeting a very specific professional population (disease non-profits!) with the goal of sending out a classical wealthy nigerian type of scam. I guess I could/should have reported that profile to LinkedIn. I just deleted the contact.

Not sure why it didn't work for you -- it's just their help info, recently updated. I've pasted it below:

To flag inappropriate or fake profiles directly on LinkedIn, (i.e. profiles that contain profanity, empty profiles with fake names, or profiles that are impersonating public figures), please follow these steps:

- On the profile you want to report, hover your cursor over the Dropdown arrow next to Send a Message or Send InMail/View in Recruiter in the top section of their profile.- Select Block or Report.- Click the box next to Report.- Select a reason for flagging the profile.- Click Continue. - Select Agree.

"The single factor that differentiates Nobel laureates from other scientists is training with another Nobel laureate." -- Sol Snyder

an excerpt, explaining what those fake accounts are used for:"The primary goal of these fake LinkedIn accounts is to map out the networks of business professionals. Using these fake LinkedIn accounts, scammers are able to establish a sense of credibility among professionals in order to initiate further connections.In addition to mapping connections, scammers can also scrape contact information from their connections, including personal and professional email addresses as well as phone numbers. This information could be used to send spear-phishing emails."

So interesting! Thanks for sharing, E.K.L.

I could imagine how deadly the proper spear-phishing email could be -- I know for a fact some executives cannot be found via email or phone lines, but check their LinkedIn accounts religiously.

"The single factor that differentiates Nobel laureates from other scientists is training with another Nobel laureate." -- Sol Snyder